Hacking the Vote: Chicago Edition

A “very serious vulnerability” in Chicago’s elections Web site made it possible for hackers to swipe Social Security numbers and the personal information of over 1.3 million voters… No confirmation at this point of any information actually being gleaned from the site.

ABC News reports that the problem has existed for more than five years.

Chicago Tribune reports election officials claim to have patched the more than 5-year-old problem.

Can you imagine how much money may have been made by hackers over the past five years who accessed this info? I mean charging just 2 cents per SS# could provide nearly $30k toward an entire year’s tuition the outrageously expensive college of your choice. Is anyone gonna pay to fix this this

This story originally broken by the non-partisan Illinois Ballot Integrity Project

Ring Them Bells Already: May Diebold-Gate Begin

Last week, former Maryland state legislator Cheryl C. Kagan was anonymously given disks containing source code to Diebold’s BallotStation and Global Election Management System (GEMS) tabulation software used in the 2004 elections.

A machine running on the same software version (4.3.15c) defined in the source code sent to Kagan was thoroughly hacked into and documented in September by Princeton’s Ariel J. Feldman, J. Alex Halderman, and Edward W. Felten in the 26-page “Security Analysis of the Diebold AccuVote-TS Voting Machine” (view PDF, “Internet Christian minister” Rev. Bill McGinnis summarizes it here).

Kagan’s story was first reported last Friday in Baltimore Sun by reporter Melissa Harris.

An accompanying letter refers to the State Board of Elections and calls Kagan “the proud recipient of an ‘abandoned baby Diebold source code’ right from SBE accidentally picked up in this envelope, right in plain view at SBE. … You have the software because you are a credible person who can save the state from itself. You must alert the media and save democracy.”

No matter how or even if Kagan’s story is true, a crime, or whatever — it remains both ironic and suspicious that the one company authorized to make electronic voting systems in this country has kept their source code bottled up as if it contained the ingredients for Coca Cola’s secret syrup. Opening source code to independent professional reviewers and critics who may find bugs and other flaws should be mandatory for a company that for months has represented itself with broken HTML code on their home page (see http://www.diebold.com/dieboldes/).

(Coincidentally 2 men pleaded guilty this morning in the FBI investigation into stolen Coke “trade secrets.”)

Joe Strupp, of the newspaper industry watchdog Editor & Publisher asks, “Is Press Taking Possible Voting Problems Seriously?” (ABC’s World News Tonight is devoting a fair amount of programming to the issue.)

Kagan, a Democrat, is the executive director of the Freeman Foundation — a philanthropic community-focused charity — and is a noted critic of her state’s election chief and the Diebold voting systems. She said she’s been in contact with the FBI and intends to cooperate with any investigation.

Maryland’s deputy elections administrator claimed the disks contain “nothing that’s being used in this election.” Which is quite a suspicious thing to say in and of itself.

In other election season news, hasGoogle Earth new layers and placemarks with useful 2006 election info.

The MPAA’s Boy Scout Propaganda

When they’re not clearing brush, tying knots and starting fires, the Boy Scouts of Los Angeles are being imbibed with honor-thy-copyright-loyally flim-flam. No joke.

boy scout mpaa copyrightOddly, no byline on this tight report from the AP’s boy scout beat:

“Working with the Boy Scouts of Los Angeles, we have a real opportunity to educate a new generation about how movies are made, why they are valuable, and hopefully change attitudes about intellectual property theft,” Dan Glickman, chairman of the Motion Picture Association of America, said in a statement Friday.

Contact Victor Zuniga, head of Boy Scouts LA to find out the nature of these “merit badges.”